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DETAILED ACTION 

Remarks 

1 . Claims 1-32 are pending. 

Claim Rejections - 35 USC § 101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

3. Claims 1 -32 are rejected under 35 U.S.C. 1 01 because the claimed invention is 
directed to non-statutory subject matter. 

4. As per claims 1 -22, these claims are drawn to methods which are not statutory 
processes because they lack physical transformation or machine implementation that 
are required for these claims to be statutory. 

5. As per claims 23-32, the claimed subject matter, "an isolation environment", does 
not fit into any of the statutory categories (process, machine, manufacture, or 
composition of matter). In order for the claimed subject matter to fit into a statutory 
category under 35 USC 101 , the Applicant is requested to further distinguish the 
claimed subject matter to adhere to one of these categories. 
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Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



7. Claim 23 is rejected under 35 U.S.C. 1 02(e) as being anticipated by Kaqi et al. 
C Kaqi' hereinafter) (Publication Number 2006/0064697). 

As per claim 23, Kagi teaches 

An isolation environment for isolating access by application programs to native 
resources provided by an operating system, the isolation environment comprising: (see 
abstract and background) 

a user isolation scope storing an instance of a native resource, the user isolation 
scope corresponding to a user; (virtual machine which performs isolation by virtualizing 
resources, paragraph [0019], lines 5-15) 

and a redirector intercepting a request for the native resource made by a process 
executing on behalf of the user and redirecting the request to the user isolation scope, 
(virtual devices virtualize functionalities of physical devices, paragraph [0026], lines 1-3) 
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Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

This application currently names joint inventors. In considering patentability of 

the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 

the various claims was commonly owned at the time any inventions covered therein 

were made absent any evidence to the contrary. Applicant is advised of the obligation 

under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 

not commonly owned at the time a later invention was made in order for the examiner to 

consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 



prior art under 35 U.S.C. 103(a). 
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9. Claims 1 -22 and 24-32 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Kaqi et al. (' Kaqi' hereinafter) (Publication Number 2006/0064697) in 
view of Czajkowski et al. (' Czajkowski ' hereinafter) ("A Multi-User Virtual Machine", 
Proc. of the USENIX 2003 Annual Technical Conference, 2003, pages 85-98). 

As per claim 1 , Kaqi teaches 

A method for isolating access by application programs to native resources 
provided by an operating system, the method comprising the steps of: (see abstract and 
background) 

(a) redirecting to an isolation environment comprising a user isolation scope a 
request for a native resource made by a process executing on behalf of a first user; 
(virtual machine which performs isolation by virtualizing resources, paragraph [0019], 
lines 5-15) 

(b) locating an instance of the requested native resource in the user isolation 
scope on behalf of a first user; (virtual device inside of VMM, paragraph [0022], lines 18- 
21) 

and (c) responding to the request for the native resource using the instance of 
the required native resource located in the user isolation scope, (virtual devices 
virtualize functionalities of physical devices, paragraph [0026], lines 1-3) 

Kaqi does not explicitly indicate "and an application isolation scope". 

However, Czajkowski discloses "and an application isolation scope" (create 
isolate to run application, section 2.2, fifth paragraph) 
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It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kaqi and Czaikowski because using the steps of "and 
an application isolation scope" would have given those skilled in the art the tools to 
improve the invention by providing multiple contexts with no modifications to the 
operating system itself. This gives the user the advantage of being able to host multiple 
users on a single machine. 

As per claim 2, Kaqi teaches 

step (b) comprises failing to locate an instance of the requested native resource 
in the user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 3, 

Kagi does not explicitly indicate "step (c) comprises redirecting the request to the 
application isolation scope". 

However, Czajkowski discloses "step (c) comprises redirecting the request to the 
application isolation scope" (section 3.1 , third paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kaqi and Czaikowski because using the steps of "step 
(c) comprises redirecting the request to the application isolation scope" would have 
given those skilled in the art the tools to improve the invention by providing multiple 
contexts with no modifications to the operating system itself. This gives the user the 
advantage of being able to host multiple users on a single machine. 



Application/Control Number: 10/711,737 
Art Unit: 2168 



Page 7 



As per claim 4, Kaqi teaches 

(d) locating an instance of the requested native resource; (paragraph [0025], 
lines 4-6) 

and responding to the request for the native resource using the instance of the 
requested native resource located, (paragraph [0025], lines 5-8) 

Kagi does not explicitly indicate "in the application isolation scope". 

However, Czaikowski discloses "in the application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "in the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 

As per claim 5, Kagi teaches 

step (e) comprises creating an instance of the requested native resource in the 
user isolation scope that corresponds to the instance of the requested native resource 
located and responding to the request for the native resource using the instance of the 
requested native resource created in the user isolation scope, (paragraph [0026], lines 
8-12) 
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Kagi does not explicitly indicate "in the application isolation scope". 
However, Czaikowski discloses "in the application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "in the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 

As per claim 6, Kagi teaches 

step (d) comprises failing to locate an instance of the requested native resource, 
(paragraph [0063], lines 3-5) 

Kagi does not explicitly indicate "in the application isolation scope". 

However, Czajkowski discloses "in the application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czaikowski because using the steps of "in the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 
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As per claim 7, Kaqi teaches 

step (e) comprises responding to the request for the native resource using the 
system-scoped native resource, (paragraph [0023], lines 1-4) 

As per claim 8, Kaqi teaches 

step (e) comprises: creating an instance of the requested native resource in the 
user isolation scope that corresponds to the instance of the requested resource located 
in the system scope and responding to the request for the native resource using the 
instance of the resource created in the user isolation scope, (paragraph [0019], lines 6- 
10) 

As per claim 9, Kagi teaches 

the step of hooking a request for a native resource made by a process executing 
on behalf of a first user, (paragraph [0024], lines 2-5) 

As per claim 1 0, Kaqi teaches 

the step of intercepting a request for a native resource executing on behalf of a 
first user, (paragraph [0025], lines 4-7) 

As per claim 1 1 , Kaqi teaches 
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the step of intercepting by a file system filter driver a request for a file system 
native resource executing on behalf of a first user, (paragraph [0026], lines 10-14) 

As per claim 1 2, Kaqi teaches 

step (a) comprises redirecting to an isolation environment comprising a user 
isolation scope a request for a file made by a process executing on behalf of a first user, 
(paragraph [0027], lines 3-7) 

Kaqi does not explicitly indicate "and an application isolation scope". 

However, Czajkowski discloses "and an application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kaqi and Czajkowski because using the steps of "and 
an application isolation scope" would have given those skilled in the art the tools to 
improve the invention by providing multiple contexts with no modifications to the 
operating system itself. This gives the user the advantage of being able to host multiple 
users on a single machine. 

As per claim 1 3, Kaqi teaches 

step (a) comprises redirecting to an isolation environment comprising a user 
isolation scope and an application isolation scope a request for a registry database 
entry made by a process executing on behalf of a first user, (paragraph [0026], lines 10- 
15) 
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Kagi does not explicitly indicate "and an application isolation scope". 
However, Czaikowski discloses "and an application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "and 
an application isolation scope" would have given those skilled in the art the tools to 
improve the invention by providing multiple contexts with no modifications to the 
operating system itself. This gives the user the advantage of being able to host multiple 
users on a single machine. 

As per claim 14, Kagi teaches 

(d) redirecting to the isolation environment a request for the native resource 
made by a second process executing on behalf of a second user; (paragraph [0025], 
lines 8-12) 

(e) locating an instance of the requested native resource in a second user 
isolation scope; (paragraph [0025], lines 10-14) 

(f) and responding to the request for the native resource using the instance of the 
native resource located in the second user isolation scope, (paragraph [0025], lines 10- 
16) 



As per claim 1 5, Kagi teaches 



Application/Control Number: 1 0/71 1 ,737 Page 1 2 

Art Unit: 2168 

the process executes concurrently on behalf of a first user and a second user, 
(paragraph [0022], lines 4-10) 

As per claim 1 6, Kaqi teaches 

step (e) comprises failing to locate an instance of the requested native resource 
in the second user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 1 7, Kaqi teaches 

step (f) comprises redirecting the request, (paragraph [0028], lines 2-5) 
Kaqi does not explicitly indicate "to the application isolation scope". 
However, Czajkowski discloses "to the application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kaqi and Czaikowski because using the steps of "to the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 

As per claim 1 8, Kaqi teaches 

(d) locating an instance of the requested resource; (paragraph [0025], lines 2-5) 
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and (e) responding to the request for the native resource using the version of the 
native resource located, (paragraph [0025], lines 3-6) 

Kagi does not explicitly indicate "in the application isolation scope". 

However, Czaikowski discloses "in the application isolation scope" (section 2.2, 
fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "in the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 

As per claim 1 9, Kagi teaches 

(d) redirecting to the isolation environment a request for a native resource made 
by a second process executing on behalf of a first user; (paragraph [0025], lines 8-12) 

(e) locating an instance of the requested native resource in the user isolation 
scope; (paragraph [0025], lines 10-14) 

and (f) responding to the request for the native resource using the instance of the 
resource located in the user isolation scope, (paragraph [0025], lines 10-16) 



As per claim 20, Kagi teaches 
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step (e) comprises failing to locate an instance of the requested native resource 
in the user isolation scope, (paragraph [0063], lines 3-5) 

As per claim 21 , Kaqi teaches 

step (f) comprises redirecting the request to a second application isolation scope, 
(paragraph [0025], lines 8-12) 

As per claim 22, Kaqi teaches 

(d) locating an instance of the requested resource; (paragraph [0025], lines 8-12) 

and (e) responding to the request for the native resource using the instance of 
the native resource located, (paragraph [0025], lines 10-14) 

Kaqi does not explicitly indicate "in the second application isolation scope". 

However, Czajkowski discloses "in the second application isolation scope" 
(section 2.2, fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kaqi and Czaikowski because using the steps of "in the 
application isolation scope" would have given those skilled in the art the tools to improve 
the invention by providing multiple contexts with no modifications to the operating 
system itself. This gives the user the advantage of being able to host multiple users on 
a single machine. 



As per claim 24, 
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Kagi does not explicitly indicate "the isolation environment further comprises an 
application isolation scope storing an instance of the native resource". 

However, Czajkowski discloses "the isolation environment further comprises an 
application isolation scope storing an instance of the native resource" (section 2.2, fifth 
paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "the 
isolation environment further comprises an application isolation scope storing an 
instance of the native resource" would have given those skilled in the art the tools to 
improve the invention by providing multiple contexts with no modifications to the 
operating system itself. This gives the user the advantage of being able to host multiple 
users on a single machine. 

As per claim 25, 

Kagi does not explicitly indicate "the isolation environment further comprises a 
second application isolation scope storing an instance of the native resource". 

However, Czajkowski discloses "the isolation environment further comprises a 
second application isolation scope storing an instance of the native resource" (section 
2.2, fifth paragraph) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to combine Kagi and Czajkowski because using the steps of "the 
isolation environment further comprises an application isolation scope storing an 
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instance of the native resource" would have given those skilled in the art the tools to 
improve the invention by providing multiple contexts with no modifications to the 
operating system itself. This gives the user the advantage of being able to host multiple 
users on a single machine. 

As per claim 26, Kaqi teaches 

the redirector returns a handle to the requesting process that identifies the native 
resource, (paragraph [0028], lines 10-14) 

As per claim 27, Kaqi teaches 

a rules engine specifying behavior for the redirector when redirecting the request, 
(paragraph [0032], lines 4-10) 

As per claim 28, Kaqi teaches 

the redirector comprises a file system filter driver, (paragraph [0032], lines 2-5) 
As per claim 29, Kaqi teaches 

the redirector comprises a function hooking mechanism, (paragraph [0038], lines 

4-8) 



As per claim 30, Kaqi teaches 
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the function hooking apparatus intercepts an operation selected from the group 
of file system operations, registry operations, operating system services, packing and 
installation services, named object operations, window operations, file-type association 
operations and Component Object Model (COM) server operations, (paragraph [0026], 
lines 8-15) 

As per claim 31 , Kaqi teaches 

the application isolation environment further comprises a second user isolation 
scope storing a second instance of the native resource, (paragraph [0025], lines 8-12) 

As per claim 32, Kaqi teaches 

the application isolation environment further comprises a second user isolation 
scope storing an instance of the native resource, the second user isolation scope 
corresponding to a second user, (paragraph [0025], lines 10-14) 

Response to Arguments 

1 0. Applicant's arguments filed 9/29/08 have been fully considered but they are not 
persuasive. 

1 1 . With respect to the 35 USC 1 01 rejections of claims 23-32 and non-statutory, 
Applicant argues that the claims are statutory because the claims are tired to a 
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machine. Respectfully, it is still not clear if the claims are drawn to a machine or a 
process, because a process is also tied to a machine. Therefore it is unclear which 
single statutory class these claims fall under and the 35 USC 101 rejections of claims 
23-32 are maintained. 

12. Applicant argues that Kaqi does not disclose "redirecting to an isolation 
environment comprising a user isolation scope and an application isolation scope a 
request for a native resource provided by an operating system". Respectfully, Kagi does 
disclose the sharing of system resources between multiple virtual machines by 
virtualizing resources in the physical machine (paragraph [0019], lines 8-15) where each 
virtual machine is an isolation environment with user isolation scope with requests for 
native resources of the operating system. Respectfully, it is noted that the newly added 
Czajkowski reference discloses the application isolation scope limitation. Therefore, 
Applicant's arguments have been considered but are moot in view of the new ground(s) 
of rejection. 



Conclusion 

13. The prior art made of record, listed on form PTO-892, and not relied upon is 
considered pertinent to applicant's disclosure. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jay A. Morrison whose telephone number is (571) 272- 
71 12. The examiner can normally be reached on M-F 8-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Tim Vo can be reached on (571 ) 272-3642. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



/Tim T. Vo/ 

Supervisory Patent Examiner, Art Unit 2168 



Jay Morrison 
TC2100 



Tim Vo 
TC2100 



